Directory traversal vulnerabilities in Interstage Application Server(CVE-2007-0450). March 3rd, 2009
1. Background and Detected problem(s)
Directory traversal vulnerabilities have been discovered in the Servlet Service based on Tomcat4.1 or Tomcat5.5.
Exploitation of these vulnerabilities could allow unauthenticated users to access web applications that have restricted access.
However, they cannot access the system files by traversing directory hierarchy from the directory where a web application is deployed.
This information is derived from the vulnerability on the following web site:
CVE-2007-0450: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
2. Method to temporarily avoid the problem
Deploy the web applications with restricted and non-restricted access to separate IJServers.
Note: When the method is complete, if the request URI includes attack pattern strings, servlet service processes as follows.
- Servlet service based on Tomcat4.1:
The HTTP status code becomes 500 in the response and the string "IJServer14795" is output to container.log. - Servlet service based on Tomcat5.5:
The HTTP status code becomes 404 in the response.
3. Corresponding system and Patch information
Corresponding system :GP7000F, PRIMEPOWER, PRIMERGY, GP5000, CELSIUS, FMV series, AT compatible machine, PRIMEQUEST
| Products | Target OS | Package name | Patch ID. |
|---|---|---|---|
| Interstage Application Server Enterprise Edition 6.0 | Solaris 8, 9 | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-07* |
| Interstage Application Server Standard Edition 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-07* |
| Interstage Application Server Plus 7.0 | Solaris 8, 9 | FJSVjs4 | T020LS-07* |
| Interstage Application Server Enterprise Edition 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-07* |
| Interstage Application Server Plus 7.0.1 | Solaris 8, 9, 10 | FJSVjs4 | T020LS-07* |
| Interstage Application Server Enterprise Edition V8.0.0 | Solaris 9, 10 | FJSVjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.0 | Solaris 9, 10 | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.2 | Solaris 9, 10 | FJSVjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.2 | Solaris 9, 10 | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.3 | Solaris 9, 10 | FJSVjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.3 | Solaris 9, 10 | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V6.0 for Windows | Windows Server 2003/ Windows 2000/ Windows NT Server 4.0 | F3FMjs4 | TP09743* |
| Interstage Application Server Plus V6.0 for Windows | Windows Server 2003/ Windows 2000/ Windows NT Server 4.0 | F3FMjs4 | TP09743* |
| Interstage Application Server Plus Developer V6.0 for Windows | Windows Server 2003/ Windows 2000/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TP09743* |
| Interstage Application Server Enterprise Edition V7.0 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | TP09768* |
| Interstage Application Server Standard Edition V7.0 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | TP09768* |
| Interstage Application Server Plus V7.0 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | TP09768* |
| Interstage Application Server Plus Developer V7.0 for Windows | Windows Server 2003/ Windows 2000/ Windows XP | F3FMjs4 | TP09768* |
| Interstage Application Server Enterprise Edition V7.0.1 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | TP09768* |
| Interstage Application Server Plus V7.0.1 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | TP09768* |
| Interstage Application Server Enterprise Edition V8.0.0 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.0 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.1 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.1 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.2 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.2 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.3 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.3 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Enterprise Edition V9.0.0 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Standard-J Edition V9.0.0 for Windows | Windows Server 2003/ Windows 2000 | F3FMjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.0 for Windows | Windows Server 2003(IPF) | F3FMjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.3 for Windows | Windows Server 2003(IPF) | F3FMjs4 | * |
| Interstage Application Server Enterprise Edition V6.0 for Linux | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V7.0 for Linux | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-06* |
| Interstage Application Server Standard Edition V7.0 for Linux | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-06* |
| Interstage Application Server Plus V7.0 for Linux | RHEL-AS3(x86)/ ES3(x86) | FJSVjs4 | T00836-06* |
| Interstage Application Server Enterprise Edition V8.0.0 for Linux | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.0 for Linux | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.2 for Linux | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.2 for Linux | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.3 for Linux | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | * |
| Interstage Application Server Standard-J Edition V8.0.3 for Linux | RHEL-AS4(x86)/ AS4(EM64T) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V7.0 for Linux | RHEL-AS4(IPF) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.0 for Linux | RHEL-AS4(IPF) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.1 for Linux | RHEL-AS4(IPF) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.2 for Linux | RHEL-AS4(IPF) | FJSVjs4 | * |
| Interstage Application Server Enterprise Edition V8.0.3 for Linux | RHEL-AS4(IPF) | FJSVjs4 | * |
| Products | Target OS | Package name | Patch ID. |
|---|---|---|---|
| Interstage Apworks Modelers-J Edition V6.0 for Windows | Windows Server 2003/ Windows 2000/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TP09743* |
| Interstage Apworks Modelers-J Edition V6.0A for Windows | Windows Server 2003/ Windows 2000/ Windows NT Server 4.0/ Windows XP | F3FMjs4 | TP09743* |
| Interstage Apworks Modelers-J Edition V7.0 for Windows | Windows Server 2003/ Windows 2000/ Windows XP | F3FMjs4 | TP09768* |
| Interstage Studio Enterprise Edition 8.0.1 for Windows | Windows Server 2003/ Windows 2000/ Windows XP | F3FMjs4 | * |
| Interstage Studio Standard-J Edition 8.0.1 for Windows | Windows Server 2003/ Windows 2000/ Windows XP | F3FMjs4 | * |
| Interstage Studio Enterprise Edition 9.0.0 for Windows | Windows Server 2003/ Windows 2000/ Windows XP/ Windows Vista | F3FMjs5 | * |
| Interstage Studio Standard-J Edition 9.0.0 for Windows | Windows Server 2003/ Windows 2000/ Windows XP/ Windows Vista | F3FMjs5 | * |
| Products | Target OS | Package name | Patch ID. |
|---|---|---|---|
| Interstage Business Application Server Enterprise Edition 8.0.0 for Linux | RHEL-AS4(IPF) | FJSVjs4 | * |
| Products | Target OS | Package name | Patch ID. |
|---|---|---|---|
| Interstage Job Workload Server 8.1.0 for Linux | RHEL-AS4(IPF) | FJSVjs4 | * |
* For the Patches without ID nor link, please contact a Fujitsu system engineer or your partner(s).
4. Revision history
- March 3rd 2009: 2nd release
- Description about Servlet Service based on Tomcat5.5 has been added to the "1. Background and Detected problem(s)" and "2. Method to temporarily avoid the problem".
- Package names for the products listed below have been corrected from F3FMjs4 to F3FMjs5 in "3. Corresponding system and Patch information".
"Interstage Studio Enterprise Edition 9.0.0 for Windows"
"Interstage Studio Standard-J Edition 9.0.0 for Windows" - Some "Patch ID."s have been added in "3. Corresponding system and Patch information".
- September 6th, 2007 : Initial release
